Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/094210AEC41411EE88C9EDA3775412E6.roa
File:                     094210AEC41411EE88C9EDA3775412E6.roa (raw, json)
Hash identifier:          d6MjgYyVOT5Zjb/xnHtqT0+LbviGAM5BCPUU3e5A5oc=
Subject key identifier:   37:6F:59:EF:0D:96:C2:AA:FC:AA:22:EE:F1:B7:B2:E8:6D:14:A0:51
Certificate issuer:       /CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
Certificate serial:       040A
Authority key identifier: 82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/094210AEC41411EE88C9EDA3775412E6.roa
Signing time:             Mon 05 Feb 2024 10:48:03 +0000
ROA not before:           Mon 05 Feb 2024 10:47:59 +0000
ROA not after:            Mon 06 Feb 2034 10:47:59 +0000
asID:                     37645
IP address blocks:        102.210.4.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1034 (0x40a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
        Validity
            Not Before: Feb  5 10:47:59 2024 GMT
            Not After : Feb  6 10:47:59 2034 GMT
        Subject: CN=65c0bce3-16b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:a0:03:3f:fb:95:46:00:5f:57:e6:72:92:91:
                    ea:f9:b5:00:c7:50:47:2f:68:b8:55:08:e8:da:25:
                    32:e3:cd:f5:d7:91:2c:47:27:90:8a:ce:14:7c:75:
                    ae:b8:ff:4a:c4:d3:8b:5a:19:21:8c:00:8d:b5:11:
                    f4:0d:c0:ed:1a:63:60:d2:c0:17:96:d3:4c:ef:0c:
                    09:b8:fd:ca:a1:37:3e:73:cf:62:1e:9d:f6:c8:43:
                    79:b6:2e:4f:78:cb:a9:97:d5:9a:93:67:23:b8:19:
                    d0:b9:a5:39:26:98:18:eb:8b:0c:31:d7:63:7b:bb:
                    0e:74:34:01:74:6c:24:63:02:94:bc:91:d6:27:ec:
                    fe:7a:e1:d6:28:4d:86:0d:17:4c:0c:f7:fc:30:53:
                    d0:e5:b2:ed:e0:38:02:4f:e3:4a:e5:29:56:d7:0a:
                    fd:d9:d0:9e:08:9b:75:c3:85:8d:bf:ca:8c:d9:f4:
                    3c:fd:6f:4c:f6:1f:95:4b:ac:cf:88:6a:a8:ba:30:
                    50:a4:55:97:ef:a6:09:b7:2e:75:17:cc:4e:97:f9:
                    4e:e9:67:f7:ee:86:ee:c5:d8:16:5a:67:90:dc:b5:
                    c9:10:1c:d5:5a:51:85:12:39:0c:c9:d6:c8:98:10:
                    0d:03:bc:7f:67:fe:0b:91:52:e6:5e:63:e8:49:dd:
                    da:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:6F:59:EF:0D:96:C2:AA:FC:AA:22:EE:F1:B7:B2:E8:6D:14:A0:51
            X509v3 Authority Key Identifier:
                keyid:82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/094210AEC41411EE88C9EDA3775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.210.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ac:d4:95:a6:6b:2a:08:ba:35:bb:a3:ef:e6:7c:56:0d:92:6b:
         dd:81:e3:7b:83:0c:ec:4c:52:af:ff:7e:dc:b3:81:cd:f3:f0:
         ec:86:e3:05:0a:58:73:53:fc:8c:e3:7b:0e:b6:ae:bd:32:7a:
         45:1c:ac:bf:24:3d:bb:79:3e:95:e4:ca:f0:2e:aa:92:25:9e:
         de:5f:04:b5:68:88:c9:bc:69:3a:5a:9a:f2:15:1e:7e:62:13:
         ea:cb:ec:4a:d3:f9:cb:6d:a8:6a:74:3f:3c:f4:c5:73:b9:d6:
         46:db:6d:42:2c:11:77:4a:f1:61:c0:ad:6b:43:81:d7:0c:7e:
         4d:95:ec:8a:e6:36:39:5c:f3:aa:fc:9e:8d:38:0f:5d:5b:e9:
         b8:ed:93:be:79:1a:ab:22:05:96:aa:6c:9d:b4:7e:18:2c:a1:
         7f:b2:b7:f9:89:50:ce:51:34:c7:64:96:46:2e:7f:66:54:f6:
         58:a9:0c:48:94:bd:55:a4:5b:f2:a6:f3:90:2e:fd:7f:b5:75:
         5b:57:41:27:0e:84:38:7b:57:f4:99:b1:36:9b:f7:d5:f0:81:
         c6:4a:58:4f:1e:3f:94:b9:cd:ad:7d:e2:5c:0d:17:9c:5c:58:
         77:75:04:b5:69:ad:5c:ef:3d:3d:43:26:a9:3d:dc:97:09:6d:
         9d:b5:b0:00
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBAowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTFDRUZBRjExMC8GA1UEBRMoODJGMUM2NjExQTNBMTQ2N0RCM0Q3OEE0QTVGRUQ1
MEEwOEE1N0IxMzAeFw0yNDAyMDUxMDQ3NTlaFw0zNDAyMDYxMDQ3NTlaMBgxFjAU
BgNVBAMTDTY1YzBiY2UzLTE2YjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDRoAM/+5VGAF9X5nKSker5tQDHUEcvaLhVCOjaJTLjzfXXkSxHJ5CKzhR8
da64/0rE04taGSGMAI21EfQNwO0aY2DSwBeW00zvDAm4/cqhNz5zz2IenfbIQ3m2
Lk94y6mX1ZqTZyO4GdC5pTkmmBjriwwx12N7uw50NAF0bCRjApS8kdYn7P564dYo
TYYNF0wM9/wwU9Dlsu3gOAJP40rlKVbXCv3Z0J4Im3XDhY2/yozZ9Dz9b0z2H5VL
rM+Iaqi6MFCkVZfvpgm3LnUXzE6X+U7pZ/fuhu7F2BZaZ5DctckQHNVaUYUSOQzJ
1siYEA0DvH9n/guRUuZeY+hJ3dp3AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUN29Z
7w2Wwqr8qiLu8bey6G0UoFEwHwYDVR0jBBgwFoAUgvHGYRo6FGfbPXikpf7VCgil
exMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkExQ0VGLzdGMzg4REU0RjEzODExRUI5MTdGRDcxN0Q4QTAxNENFL2d2SEdZ
Um82RkdmYlBYaWtwZjdWQ2dpbGV4TS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2d2SEdZUm82RkdmYlBYaWtwZjdWQ2dpbGV4TS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkExQ0VGLzdGMzg4REU0RjEzODExRUI5MTdGRDcxN0Q4
QTAxNENFLzA5NDIxMEFFQzQxNDExRUU4OEM5RURBMzc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm0gQwDQYJKoZIhvcNAQEL
BQADggEBAKzUlaZrKgi6Nbuj7+Z8Vg2Sa92B43uDDOxMUq//ftyzgc3z8OyG4wUK
WHNT/Izjew62rr0yekUcrL8kPbt5PpXkyvAuqpIlnt5fBLVoiMm8aTpamvIVHn5i
E+rL7ErT+cttqGp0Pzz0xXO51kbbbUIsEXdK8WHArWtDgdcMfk2V7IrmNjlc86r8
no04D11b6bjtk755GqsiBZaqbJ20fhgsoX+yt/mJUM5RNMdklkYuf2ZU9lipDEiU
vVWkW/Km85Au/X+1dVtXQScOhDh7V/SZsTab99XwgcZKWE8eP5S5za194lwNF5xc
WHd1BLVprVzvPT1DJqk93JcJbZ21sAA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:57 2024 by rpki-client on console-fra.rpki-client.org